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Please amend claims 81, 84, 88, 89, 96, 98, 99, 102, 103, 109 and 113 to reflect the 
revised claims below. For the Examiner's convenience, and in compliance with 37 CFR § 
1.121, a marked up version of the amended claims is attached to this response as 
appendix A. 



81. (Amended) A method of conducting an electronic transaction using an 
electronic card having a public key of a service provider, comprising: 

formatting a key exchange request message at a member, at least a portion 
of the key exchange request message being encrypted using the service provider's public 
key from the electronic card; 

sending the key exchange request message from the member to the service 

provider; 

generating a session key exclusively by the service provider in response to 
the key exchange request message; 

formatting a key exchange response message including the session key at 
the service provider; 

sending the key exchange response message from the service provider to 
the member; and 

using the session key to complete the transaction. 

J , 

84. (Amended) The method of claim 82 or 83 wherein the use of the session $ 

key to complete the transaction comprises: 

formatting by the member a transaction request message using the session 
key, the transaction request message including a digital signature of the member, and 
sending the transaction request message to the service provider; and 

formatting at the service provider, a transaction response message for the 
member using the session key, the transaction response including a digital signature of 
the service provider, and sending the transaction response message to the member. 
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88. (Amended) The method of claim 84 wherein the transaction request 
^ message comprises the response to the service provider challenge. 
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89. (Amended) The method of claim 84 wherein the transaction response 
message includes data encrypted with the session kev. 



96. (Amended) A method of conducting an electronic transaction using an 
electronic card having a public key of a service provider, comprising: 
generating a member challenge by a member; 

encrypting by the member the member challenge using the service 
provider's public key from the electronic card to generate a first cryptogram; 

formatting by the member a key exchange request message including the 
first cryptogram and a public key of the member; 

signing digitally by the member the key exchange request message; 

sending the digitally signed key exchange request message to the service 

provider; 

generating by the service provider a service provider challenge; 

generating exclusively by the service provider a session key; 

encrypting by the service provider the service provider challenge and the 
session key using the member's public key to generate a second cryptogram; 

formatting by the service provider a key exchange response message 
including the second cryptogram and a response to the member challenge; 

signing digitally by the service provider the key exchange response 

message; 

sending the digitally signed key exchange response message to the 

member; 

encrypting by the member a member response for the service provider 
challenge using the session key to generate a third cryptogram; 

attaching the third cryptogram to a transaction message going from the 
member to the service provider; 

signing digitally by the member the transaction message going from the 
member to the service provider; and 

sending the transaction message from the member to the service provider. 
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98, (Amended) The method of claim 96 wherein the key exchange request 
message comprises the member's public key encrypted with the service provider's public 
key. 

99. (Amended) The method of claim 96 wherein the generation of the second 
cryptogram further comprises encrypting the member challenge response as part of the 
second cryptogram. 



102. (Amended) The method of claim 101 further comprising using the 
transaction identifier with a second transaction message following the transaction 
message and going from the member to the service provider. 

1 03 . (Amended) A method of communication using an electronic card having a 
public key of a service provider, comprising: 

formatting a first key exchange request message at a first member, the first 
key exchange request message having a public key of the first member, and at least a 
portion of the first key exchange request message being encrypted using the service 
provider's public key from the electronic card; 

sending the first key exchange request message from the first member to a 
second member; 

combining at a second member, a second member key exchange request 
message with the first member's key exchange request message and sending the 
combined key exchange request message, signed by the second member, to a service 
provider; 

generating a first session key exclusively by the service provider in 
response to the first key exchange request message; 

generating a second session key exclusively by the service provider in 
response to the second key exchange request message; 

formatting a key exchange response message at the service provider 
including a first session key for the first member, signing the response message, 
formatting a key exchange response message including the second session key for the 
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second member, combining the key exchange response messages into a combined key 
exchange response message, signing the combined key exchange response message, and 
sending the combined key exchange response message to the second member; and 

separating at the second member, the key exchange response message for 
the second member from the key exchange response message for the first member, and 
forwarding the key exchange response message for the first member to the first member. 

109. (Amended) A method of communication using an electronic card 
having a public key of a service provider, comprising: 

formatting a first key exchange request message at a first member, the first 
key exchange request message having a public key of the first member, and at least a 
portion of the first key exchange request message being encrypted using the service 
provider's public key from the electronic card; 

sending the first key exchange request message from the first member to at 
least one intermediate member coupled in series between the first member and the service 
provider, each of said at least one intermediate member being either a message router or 
a participating member; 

generating, if said at least one intermediate member comprises at least one 
participating member, at each of the participating members a key exchange request; 

receiving at the service provider a combined key exchange request 
message from said at least one intermediate member, the combined key exchange request 
message comprising the first key exchange request message and the key exchange request 
message generated by each of the participating members; 

generating exclusively by the service provider a first session key for the 
first member and a participating session key for each of the participating members; 

formatting at the service provider a key exchange response message 
including each of the first and participating session keys; 

sending the key exchange response message from the service provider to 
said at least one intermediate member; 

separating by each participating member its respective participating 
session key from the key exchange response message; and 
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sending the first session key from said at least one intermediate member to 
f thff first pi^™^ — ~ ~ 

i ■ 

113. (Amended) A method of communication using an electronic card having 

a public key of a service provider, comprising: 

formatting a key exchange request message at each of a plurality of first 

members, the key exchange request message for one of the first members having a public 

key of said one of the first members, and at least a portion of the key exchange request 

message for said one of the first members being encrypted using the service provider's 

public key from the electronic card; 

sending from each of the first members its respective key exchange 

request message to a second member, the second member being either a message router 

or a participating member; 

generating, if the second member is a participating member, a second key 

exchange request message at the second member; 

combining at the second member the key exchange request message from 

each of the first members to form a combined key exchange request message, the 

combined key exchange request message further comprising the second key exchange 

request message if the second member is a participating member; 

receiving at the service provider the combined key exchange request 

message from the second member; 

generating exclusively by the service provider a first session key for each 

of the first members, and a second session key for the second member if the second 

member is a participating member; 

formatting at the service provider a key exchange response message 

including each of the first and second session keys; 

sending the key exchange response message from the service provider to 

the second member; 

separating by the second member the second session key from the key 

exchange response message if the second member is a participating member; 
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